cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

​WinAD SSO: Error 500 on BOBJ 4.2 sp05 patch3 installation

michael_jennings
Participant

on ‎09-19-2018 10:42 PM

0 Kudos

Hi all,

I have installed BOBJ 4.2 sp05. When I tried to launch BI Launch Pad, using WinAD SSO, I get error below: http status 500 - com.wedgetail.idm.sso.protocolexception: com.wedgetail.idm.spnego.server.spnegoexception: com.dstc.security.util.asn1.asn1exception: bad tag encountered: 78

I report that the manually connection using WinAD authentication works fine. Wich log file I have to check in order to understand wich is the problem?

P.S.

Unfortunately the topic https://archive.sap.com/discussions/thread/2116896# doesn't solve the issue.

In particular I have copied the spnego-r5.jar file under lib folder of tomcat but the problem persist.

Any help is apreciated.

Thanks,

MJ

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

BasicTek
Advisor
Advisor
‎09-25-2018 12:02 PM

bad tag usually indicates an SSO attempt from the server or web/app console. Kerberos will not work from the console it must be done from a client PC. Also are you using the latest KBA for setting up SSO? https://apps.support.sap.com/sap/support/knowledge/preview/en/2629070


-Tim

Show replies
Show replies
michael_jennings
Participant
‎10-08-2018 2:18 PM
0 Kudos

Hi All,

I solve this issue adding "delegation" rights to the WinAD users.

Thanks to all.

Best Regards,

MJ

Show replies
Show replies
denis_konovalov
Active Contributor
‎09-20-2018 12:46 PM
0 Kudos

There are 16 KBA's when I search for com.wedgetail.idm.sso.protocolexception - have you looked at them to see if one matches your scenario ?

Show replies
Show replies
former_member456023
Contributor
‎09-20-2018 7:31 AM
0 Kudos

For SSO configuration follow the below document it is a very nice step-by-step document on "How to configure Windows AD in SAP BI"

https://blogs.sap.com/2016/09/02/sso-configuration-with-active-directory-sap-business-objects-42-aes...

Regarding 500 error, looks like there is a problem with keytab file, there is a similar discussion in the below thread, follow the solution hope it helps.

https://blogs.sap.com/2016/09/02/sso-configuration-with-active-directory-sap-business-objects-42-aes...

Thanks

Ashraf

Show replies
Show replies
michael_jennings
Participant
‎09-21-2018 6:40 PM
0 Kudos

Hi Mohammed,

I have followed the link reported by you but unfortunately I have not resolved the issue.

Do I have to configure tomcat log4j in order find out the issue?

If not What I have to do in order to solve this issue?

Regards, MJ

former_member456023
Contributor
‎09-22-2018 7:05 AM
0 Kudos

For more information on error, check the log file under tomcat directory.

One of the cause of Single Sign On fails is due to duplicate Service Principal Name (SPN). Check if there are any duplicate SPN for the service account.

Also check whether the password of the service account been changed? Because if so then you need to regenerate the keytab file with updated password

Ask a Question